[TASK] Reports module uses internal data of salted passwords
authorDmitry Dulepov <dmitry@typo3.org>
Mon, 28 Nov 2011 12:12:39 +0000 (14:12 +0200)
committerDmitry Dulepov <dmitry@typo3.org>
Mon, 6 Feb 2012 12:37:11 +0000 (13:37 +0100)
commit329f00d4da99d5848dfd4ff65eea59be2dcbefc1
treeaaa38bbcd270d6ac01eda5acc3f06e0408a8662d
parentff5d585d4a6bdf5484ba058693b14984520684bb
[TASK] Reports module uses internal data of salted passwords

Reports module changes from issue #30695 introduced a check
for the saltedpasswords extension and a report about users,
whose passwords are not protected by the saltedpasswords.
That check queries database directly and uses internal
knowledge of saltedpasswords about marking the password
with certain characters. This can break reports module
if saltedpasswords adds a new scheme to salt passwords.
Only saltedpasswords should know about those prefixes.
Other extensions should use the API of saltedpasswords
to query the information.

Change-Id: I335697612d9f58935320261278054fc1863871f4
Resolves: #32136
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/7408
Reviewed-by: Markus Klein
Tested-by: Markus Klein
Reviewed-by: Wouter Wolters
Reviewed-by: Dmitry Dulepov
Tested-by: Dmitry Dulepov
typo3/sysext/reports/reports/status/class.tx_reports_reports_status_securitystatus.php
typo3/sysext/saltedpasswords/classes/class.tx_saltedpasswords_div.php